/**
 * Renders the change-password form for the administrator who is currently signed in.
 *
 * <p>The account is looked up from {@code request.getRemoteUser()}; no request parameter selects
 * it. A fresh {@link Password} form object bound to that account is exposed as {@code "password"}
 * and the account itself as {@code "user"}.
 *
 * @param model view model that receives the {@code "password"} and {@code "user"} attributes
 * @param request current request; supplies the authenticated user name
 * @param response current response (not used by this handler)
 * @param locale request locale (not used by this handler)
 * @return the tile name of the password page
 * @throws Exception declared by the signature; nothing in this method throws it directly
 */
@PreAuthorize("hasRole('AUTH')")
@RequestMapping(value = "/admin/users/password.html", method = RequestMethod.GET)
public String displayChangePassword(
    Model model, HttpServletRequest request, HttpServletResponse response, Locale locale)
    throws Exception {
  setMenu(model, request);

  // Resolve the account from the authenticated principal only.
  final User currentUser = userService.getByUserName(request.getRemoteUser());

  final Password form = new Password();
  form.setUser(currentUser);

  model.addAttribute("password", form);
  // NOTE(review): the whole User entity goes into the model, and changePassword reads
  // getAdminPassword() from that type - confirm the view never renders the stored hash.
  model.addAttribute("user", currentUser);

  return ControllerConstants.Tiles.User.password;
}
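/**
 * Changes the password of the administrator who is currently signed in.
 *
 * <p>The account that gets updated is always the one resolved from
 * {@code request.getRemoteUser()}. The user id bound from the form is only a consistency check:
 * when it is missing or differs from the caller's id, the request is redirected to the user page
 * and nothing is changed. The current password must be present and must match the stored value
 * before the new password is validated (not blank, repeated identically, at least 6 characters)
 * and saved.
 *
 * @param password form object carrying the submitted user, current password, new password and
 *     its repetition
 * @param result receives one {@link ObjectError} per failed validation
 * @param model view model; gets {@code "success"} set once the password has been stored
 * @param request current request; supplies the authenticated user name
 * @param response current response (not used by this handler)
 * @param locale locale used to resolve the validation messages
 * @return the tile name of the password page, or a redirect to the user page when the submitted
 *     user id is absent or is not the caller's own
 * @throws Exception declared by the signature; presumably raised by the service layer
 */
@PreAuthorize("hasRole('AUTH')")
@RequestMapping(value = "/admin/users/savePassword.html", method = RequestMethod.POST)
public String changePassword(
    @ModelAttribute("password") Password password,
    BindingResult result,
    Model model,
    HttpServletRequest request,
    HttpServletResponse response,
    Locale locale)
    throws Exception {
  setMenu(model, request);

  String userName = request.getRemoteUser();
  User dbUser = userService.getByUserName(userName);

  // The submitted user (and its id) is bound from request parameters and therefore
  // client-controlled. A request that omits it must be rejected the same way as a mismatching
  // id instead of failing with a NullPointerException.
  User submittedUser = password.getUser();
  if (dbUser == null
      || dbUser.getId() == null
      || submittedUser == null
      || submittedUser.getId() == null
      || submittedUser.getId().longValue() != dbUser.getId().longValue()) {
    return "redirect:/admin/users/displayUser.html";
  }

  // The current password is mandatory: stop at the first failure so the new-password checks
  // never run for a caller who has not proven knowledge of the existing one.
  if (StringUtils.isBlank(password.getPassword())) {
    result.addError(
        new ObjectError(
            "password",
            messages.getMessage("label.generic.password", locale)
                + " "
                + messages.getMessage("message.cannot.empty", locale)));
    return ControllerConstants.Tiles.User.password;
  }

  // NOTE(review): the second argument looks like the salt and is null here, so stored hashes
  // appear to be unsalted - confirm the encoder configuration and plan a migration to a salted,
  // adaptive scheme (bcrypt/scrypt/argon2). Not changed in place because that would invalidate
  // every stored credential.
  String tempPass = passwordEncoder.encodePassword(password.getPassword(), null);
  String storedPass = dbUser.getAdminPassword();

  // Compare the encoded values in constant time; a missing value on either side counts as a
  // mismatch.
  boolean currentPasswordMatches =
      tempPass != null
          && storedPass != null
          && java.security.MessageDigest.isEqual(
              tempPass.getBytes(java.nio.charset.StandardCharsets.UTF_8),
              storedPass.getBytes(java.nio.charset.StandardCharsets.UTF_8));
  if (!currentPasswordMatches) {
    // NOTE(review): failed attempts are neither counted nor logged in this handler; confirm
    // that throttling and auditing happen elsewhere.
    result.addError(
        new ObjectError("password", messages.getMessage("message.password.invalid", locale)));
    return ControllerConstants.Tiles.User.password;
  }

  String newPassword = password.getNewPassword();
  String repeatPassword = password.getRepeatPassword();

  if (StringUtils.isBlank(newPassword)) {
    result.addError(
        new ObjectError(
            "newPassword",
            messages.getMessage("label.generic.newpassword", locale)
                + " "
                + messages.getMessage("message.cannot.empty", locale)));
  }

  if (StringUtils.isBlank(repeatPassword)) {
    result.addError(
        new ObjectError(
            "newPasswordAgain",
            messages.getMessage("label.generic.newpassword.repeat", locale)
                + " "
                + messages.getMessage("message.cannot.empty", locale)));
  }

  // A field that was not submitted arrives as null. The blank checks above have already
  // recorded that error, so the remaining checks only run on values that exist.
  if (newPassword != null && repeatPassword != null && !repeatPassword.equals(newPassword)) {
    result.addError(
        new ObjectError(
            "newPasswordAgain", messages.getMessage("message.password.different", locale)));
  }

  if (newPassword != null && newPassword.length() < 6) {
    result.addError(
        new ObjectError("newPassword", messages.getMessage("message.password.length", locale)));
  }

  if (result.hasErrors()) {
    return ControllerConstants.Tiles.User.password;
  }

  // Persist onto the account resolved from the authenticated principal, never onto the
  // form-bound user object.
  String pass = passwordEncoder.encodePassword(newPassword, null);
  dbUser.setAdminPassword(pass);
  userService.update(dbUser);

  model.addAttribute("success", "success");
  return ControllerConstants.Tiles.User.password;
}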